login.bain.com Open in urlscan Pro
3.33.152.248 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dvops.promo-nonprod.bain.io/
Effective URL:
https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/authorize?client_id=0oafp9eldrYFzFOQN357&code_challenge=-dvj7Yxnv...
Submission: On September 11 via api (September 11th 2023, 3:33:44 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 3.33.152.248, located in United States and belongs to AMAZON-02, US. The main domain is login.bain.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 15th 2023. Valid for: a year.

This is the only time login.bain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:440... 2606:4700:4400::ac40:994b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:23c... 2600:9000:23cb:5400:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	20.79.107.3 20.79.107.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	3.33.152.248 3.33.152.248	16509 (AMAZON-02) (AMAZON-02)
1	108.138.106.33 108.138.106.33	16509 (AMAZON-02) (AMAZON-02)
12	5

5 2606:4700:4400::ac40:994b (United States)

ASN13335 (CLOUDFLARENET, US)

dvops.promo-nonprod.bain.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:5400:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.79.107.3 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app-dvops-pa-backend-10.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.152.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9d4dea8e2661b2ed.awsglobalaccelerator.com

login.bain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-33.jfk50.r.cloudfront.net

ok7static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	bain.io dvops.promo-nonprod.bain.io	2 MB
4	bain.com login.bain.com	10 KB
1	oktacdn.com ok7static.oktacdn.com — Cisco Umbrella Rank: 11483	10 KB
1	azurewebsites.net app-dvops-pa-backend-10.azurewebsites.net	654 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 985	141 KB
12	5

	Domain	Requested by
5	dvops.promo-nonprod.bain.io	dvops.promo-nonprod.bain.io
4	login.bain.com	dvops.promo-nonprod.bain.io login.bain.com
1	ok7static.oktacdn.com	login.bain.com
1	app-dvops-pa-backend-10.azurewebsites.net	dvops.promo-nonprod.bain.io
1	cdn.pendo.io	dvops.promo-nonprod.bain.io
12	5

This site contains no links.

Subject Issuer	Validity	Valid
dvops.promo-nonprod.bain.io Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-09`	a year	crt.sh
cdn.pendo.io Amazon RSA 2048 M02	`2023-06-30` - `2024-07-28`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 06	`2023-05-21` - `2024-05-15`	a year	crt.sh
login.bain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-15` - `2024-02-28`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-01-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/authorize?client_id=0oafp9eldrYFzFOQN357&code_challenge=-dvj7YxnvR1SXcg0_oOHRmoQD1o8jzST68PVnRk9-fg&code_challenge_method=S256&nonce=KCrDbDuDGRLEYvrKsyHoTtboO9io9aGPkinutTLAhnjrRLE9fLKPrRj6zglyUL3D&redirect_uri=https%3A%2F%2Fdvops.promo-nonprod.bain.io%2Flogin%2Fcallback&response_type=code&state=bQ4fki6aCinwsDkroU3FK3Y2TjbkprjQogqj5sW9TAro7MpsAi0sScCgXeZaCMxA&scope=openid
Frame ID: 90D43BB4846F23FB2B741E25B6BFB291
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bain & Company External - Bad Request

Page URL History Show full URLs

https://dvops.promo-nonprod.bain.io/ Page URL
https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/authorize?client_id=0oafp9eldrYFzFOQN357&code... Page URL

Page Statistics

12
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

2526 kB
Transfer

9920 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dvops.promo-nonprod.bain.io/ Page URL
https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/authorize?client_id=0oafp9eldrYFzFOQN357&code_challenge=-dvj7YxnvR1SXcg0_oOHRmoQD1o8jzST68PVnRk9-fg&code_challenge_method=S256&nonce=KCrDbDuDGRLEYvrKsyHoTtboO9io9aGPkinutTLAhnjrRLE9fLKPrRj6zglyUL3D&redirect_uri=https%3A%2F%2Fdvops.promo-nonprod.bain.io%2Flogin%2Fcallback&response_type=code&state=bQ4fki6aCinwsDkroU3FK3Y2TjbkprjQogqj5sW9TAro7MpsAi0sScCgXeZaCMxA&scope=openid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
dvops.promo-nonprod.bain.io/ 1 KB
2 KB 735ms
628ms Document
text/html 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dvops.promo-nonprod.bain.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df7b084ee9eac14a42b9b227ef3bc5bbc2362b1f9cd080405ec50ceda9019a6e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-4923b56d527098d20240100b56e149f2' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-4923b56d527098d20240100b56e149f2' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8050f845de53da53-MIA
content-encoding: br
content-security-policy: base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-4923b56d527098d20240100b56e149f2' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-4923b56d527098d20240100b56e149f2' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
content-type: text/html
date: Mon, 11 Sep 2023 15:33:34 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
x-azure-ref: 20230911T153333Z-5mrhbc5bbd4z98by5w8hv4c4en00000004vg00000000f4gm
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 env.js Show response
dvops.promo-nonprod.bain.io/ 322 B
1 KB 611ms
610ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dvops.promo-nonprod.bain.io/env.js

Requested by

Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd18e837eac97b2986b7a86e7e8b1973d5cda474b5c393aa7750e76959aca390

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-a622e613bc4d37868f75c72e4a9b59dc' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-a622e613bc4d37868f75c72e4a9b59dc' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dvops.promo-nonprod.bain.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:33:34 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-a622e613bc4d37868f75c72e4a9b59dc' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-a622e613bc4d37868f75c72e4a9b59dc' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
cf-cache-status: MISS
content-encoding: br
x-cache: CONFIG_NOCACHE
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 11 Sep 2023 14:42:28 GMT
server: cloudflare
etag: W/"64ff2754-142"
x-frame-options: DENY
x-azure-ref: 20230911T153334Z-9n5trkbys9307b9eheaa718v640000000nm00000000037x6
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8050f849dae4da53-MIA
expires: 0

GET
H2 200 main.5be69c74.js Show response
dvops.promo-nonprod.bain.io/static/js/ 9 MB
2 MB 796ms
795ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dvops.promo-nonprod.bain.io/static/js/main.5be69c74.js

Requested by

Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34d18ba3208ee38b356493f5fa4d4a8e1bfa4f5907c7c16b3025861ce8aff940

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-47344b30bd465c6995972be6508f2eb2' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-47344b30bd465c6995972be6508f2eb2' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dvops.promo-nonprod.bain.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:33:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-47344b30bd465c6995972be6508f2eb2' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-47344b30bd465c6995972be6508f2eb2' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
cf-cache-status: MISS
content-encoding: br
x-cache: CONFIG_NOCACHE
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 12:52:13 GMT
server: cloudflare
etag: W/"64ff0d7d-889180"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-azure-ref: 20230911T153334Z-akyrwwr3pp7mx1hh9h0xtunsp00000000na000000001hf0g
cache-control: public, max-age=2592000
cf-ray: 8050f849dae5da53-MIA
expires: Wed, 11 Oct 2023 15:33:34 GMT

GET
H2 200 main.c0d989da.css
dvops.promo-nonprod.bain.io/static/css/ 716 KB
109 KB 798ms
797ms Stylesheet
text/css 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dvops.promo-nonprod.bain.io/static/css/main.c0d989da.css

Requested by

Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44c235ecf822daf464c664f490228b24d35c4305cb8d73f7af3512ba0712023b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-ecca5ebaffcba903f494aa3e54109370' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-ecca5ebaffcba903f494aa3e54109370' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dvops.promo-nonprod.bain.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:33:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-ecca5ebaffcba903f494aa3e54109370' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-ecca5ebaffcba903f494aa3e54109370' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
cf-cache-status: MISS
content-encoding: br
x-cache: CONFIG_NOCACHE
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 12:52:13 GMT
server: cloudflare
etag: W/"64ff0d7d-b30b3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-azure-ref: 20230911T153334Z-bmfa745rsh6ff3nqpfm6s072v000000004x0000000000r78
cache-control: public, max-age=2592000
cf-ray: 8050f849dae2da53-MIA
expires: Wed, 11 Oct 2023 15:33:34 GMT

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/5df73219-7fe4-490a-53c4-6d2010fc2694/ 423 KB
141 KB 361ms
103ms Script
application/javascript 2600:9000:23cb:5400:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/5df73219-7fe4-490a-53c4-6d2010fc2694/pendo.js
Requested by: Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:5400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 052e1dedda2b2eaee41e0f0fe5c456e0097f01b9d909c2f8f7616d361a2faf3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dvops.promo-nonprod.bain.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:33:36 GMT
content-encoding: gzip
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
x-guploader-uploadid: ADPycdsR69llB3uBb7mGq3Vlq8kdQdfXRTpNlSt__tvXgUA0_6EBnpkRZ91FmmQJIZQe3SIaM79KfqNisDE0Ia6ZfKCO5w
x-cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 143086
last-modified: Thu, 31 Aug 2023 18:08:57 GMT
server: UploadServer
etag: "833bfa022ff0b701a0d21360452ec7e7"
vary: Accept-Encoding
x-goog-generation: 1693505337000473
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=vvePQQ==, md5=gzv6Ai/wtwGg0hNgRS7H5w==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 143086
accept-ranges: bytes
x-amz-cf-id: qgziuMBWZ59WVTKwREkqeYCAFWBpIajC-EGc7lXHEbjIMR0wtIZcQw==
expires: Mon, 11 Sep 2023 15:41:06 GMT

GET
H2 200 roboto-v30-latin-ext_latin-regular.eb22083c5d54b03d273a.woff2
dvops.promo-nonprod.bain.io/static/media/ 22 KB
23 KB 695ms
695ms Font
font/woff2 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dvops.promo-nonprod.bain.io/static/media/roboto-v30-latin-ext_latin-regular.eb22083c5d54b03d273a.woff2

Requested by

Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/static/css/main.c0d989da.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-3b33a3716031dd9f2c3d751faf04e087' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-3b33a3716031dd9f2c3d751faf04e087' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dvops.promo-nonprod.bain.io/static/css/main.c0d989da.css
Origin: https://dvops.promo-nonprod.bain.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:33:39 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-3b33a3716031dd9f2c3d751faf04e087' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-3b33a3716031dd9f2c3d751faf04e087' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
cf-cache-status: MISS
x-cache: CONFIG_NOCACHE
content-length: 22560
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Sep 2023 12:52:13 GMT
server: cloudflare
etag: "64ff0d7d-5820"
vary: Accept-Encoding
x-frame-options: DENY
content-type: font/woff2
x-azure-ref: 20230911T153338Z-vs70d49cyx27pcd7kasqy46dzn00000004kg00000001cmn4
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 8050f8654d95da53-MIA
expires: Wed, 11 Oct 2023 15:33:39 GMT

GET
H/1.1 200
OK client-credentials
app-dvops-pa-backend-10.azurewebsites.net/api/auth/ 97 B
654 B 523ms
157ms XHR
application/json 20.79.107.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://app-dvops-pa-backend-10.azurewebsites.net/api/auth/client-credentials

Requested by

Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/static/js/main.5be69c74.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.79.107.3 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://dvops.promo-nonprod.bain.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 15:33:39 GMT
Strict-Transport-Security: max-age=63072000 ; includeSubDomains
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://dvops.promo-nonprod.bain.io
Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
X-XSS-Protection: 0
Expires: 0

OPTIONS
H/1.1 200
OK openid-configuration
login.bain.com/oauth2/ausip15rd8fTAcIyD357/.well-known/ 0
0 407ms
127ms Preflight
application/octet-stream 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/.well-known/openid-configuration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://dvops.promo-nonprod.bain.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://dvops.promo-nonprod.bain.io
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Mon, 11 Sep 2023 15:33:39 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Vary: Origin
X-Okta-Request-Id: ZP8zU9r7lTSiINiWsUeblgAABf4

GET
H/1.1 200
OK openid-configuration
login.bain.com/oauth2/ausip15rd8fTAcIyD357/.well-known/ 3 KB
5 KB 162ms
161ms Fetch
application/json 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/.well-known/openid-configuration

Requested by

Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/static/js/main.5be69c74.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://dvops.promo-nonprod.bain.io/
X-Okta-User-Agent-Extended: okta-auth-js/7.4.0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

X-Okta-Request-Id: ZP8zU9r7lTSiINiWsUebmwAABf4
Date: Mon, 11 Sep 2023 15:33:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' bainco.okta.com login.bain.com *.oktacdn.com; connect-src 'self' bainco.okta.com bainco-admin.okta.com login.bain.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com bainco.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' bainco.okta.com login.bain.com *.oktacdn.com; style-src 'unsafe-inline' 'self' bainco.okta.com login.bain.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' bainco.okta.com bainco-admin.okta.com login.bain.com login.okta.com com-okta-authenticator:; img-src 'self' bainco.okta.com login.bain.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' bainco.okta.com login.bain.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
Server: nginx
vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://dvops.promo-nonprod.bain.io
cache-control: max-age=86400, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99
expires: Tue, 12 Sep 2023 15:33:39 GMT

GET
H/1.1 400
Bad Request Primary Request authorize Show response
login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/ 3 KB
4 KB 409ms
191ms Document
text/html 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/authorize?client_id=0oafp9eldrYFzFOQN357&code_challenge=-dvj7YxnvR1SXcg0_oOHRmoQD1o8jzST68PVnRk9-fg&code_challenge_method=S256&nonce=KCrDbDuDGRLEYvrKsyHoTtboO9io9aGPkinutTLAhnjrRLE9fLKPrRj6zglyUL3D&redirect_uri=https%3A%2F%2Fdvops.promo-nonprod.bain.io%2Flogin%2Fcallback&response_type=code&state=bQ4fki6aCinwsDkroU3FK3Y2TjbkprjQogqj5sW9TAro7MpsAi0sScCgXeZaCMxA&scope=openid

Requested by

Host: dvops.promo-nonprod.bain.io
URL: https://dvops.promo-nonprod.bain.io/static/js/main.5be69c74.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

0d2edc2e33b6fb52d804118fe1127ce6fff5201b775e337de7a0af79c1020996

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dvops.promo-nonprod.bain.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Length: 2664
Content-Type: text/html;charset=utf-8
Date: Mon, 11 Sep 2023 15:33:40 GMT
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
cache-control: no-cache, no-store
content-language: en
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-okta-request-id: ZP8zVPdsR4KM6paXDK8mdAAAAho
x-rate-limit-limit: 1200
x-rate-limit-remaining: 1195
x-rate-limit-reset: 1694446455
x-xss-protection: 0

GET
H/1.1 200
OK errors-v2.css
login.bain.com/assets/css/sections/ 2 KB
1 KB 349ms
130ms Stylesheet
text/css 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.bain.com/assets/css/sections/errors-v2.css

Requested by

Host: login.bain.com
URL: https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/authorize?client_id=0oafp9eldrYFzFOQN357&code_challenge=-dvj7YxnvR1SXcg0_oOHRmoQD1o8jzST68PVnRk9-fg&code_challenge_method=S256&nonce=KCrDbDuDGRLEYvrKsyHoTtboO9io9aGPkinutTLAhnjrRLE9fLKPrRj6zglyUL3D&redirect_uri=https%3A%2F%2Fdvops.promo-nonprod.bain.io%2Flogin%2Fcallback&response_type=code&state=bQ4fki6aCinwsDkroU3FK3Y2TjbkprjQogqj5sW9TAro7MpsAi0sScCgXeZaCMxA&scope=openid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 15:33:40 GMT
x-amz-meta-sha1sum: a0af4ecf251187b0203ff095d16f850cc57a38c1
Content-Encoding: gzip
Strict-Transport-Security: max-age=315360000; includeSubDomains
Last-Modified: Thu, 03 Nov 2022 21:54:24 GMT
Server: nginx
ETag: W/"80127ba5c47706686501006723ba83da"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: Tue, 10 Sep 2024 15:33:40 GMT

GET
H2 200 fs0tfdadl2XnNHbwM357
ok7static.oktacdn.com/fs/bco/1/ 9 KB
10 KB 282ms
78ms Image
image/png 108.138.106.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok7static.oktacdn.com/fs/bco/1/fs0tfdadl2XnNHbwM357

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-33.jfk50.r.cloudfront.net

Software

nginx /

Resource Hash

74a5bf83a3c489c6732bb438afb5ae4de337a4d4c6b2efc53d974351b937df72

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 01:26:23 GMT
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 828437
x-cache: Hit from cloudfront
content-length: 9205
last-modified: Sat, 24 Jun 2023 01:30:50 GMT
server: nginx
etag: "82e0f14e6d06ea43aca69bfa5ecadfbc"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: d9rWPtXCtDnsb4Y0D221P0eDefKZVo3ZjjswGAzJcmtDDJnA7sSRcw==
expires: Sun, 01 Sep 2024 01:26:23 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bain.io/	1970-01-20 14:40:48	Name: __cf_bm Value: Hp_U9TJ8CbVTjSW8WQmhm7qWnDbO07iIrOk.3lo5lqY-1694446414-0-AYL5WUlXBBSkE5kG33rWMNFdkt7Te2EQVjGtPBr76hJ7kTE/yPgQTv6K5Q6b/kHjSq8eQvAMr1tgEVGkwHK3Bqc=
login.bain.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 94F36F1FD1C85DF725AFDFBF9F8F3FC5
login.bain.com/	1969-12-31 23:59:59	Name: t Value: red-bright
login.bain.com/	1970-01-21 00:16:46	Name: DT Value: DI1q5J3KtTVRECHLn0VBrtC7A

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dvops.promo-nonprod.bain.io/static/js/main.5be69c74.js(Line 1) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' 'nonce-4923b56d527098d20240100b56e149f2' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-XQEl0+y9C6bSvZdjhDm8sN21dR91ra/iastsw6Wqpwk='), or a nonce ('nonce-...') is required to enable inline execution.
network	error	URL: https://login.bain.com/oauth2/ausip15rd8fTAcIyD357/v1/authorize?client_id=0oafp9eldrYFzFOQN357&code_challenge=-dvj7YxnvR1SXcg0_oOHRmoQD1o8jzST68PVnRk9-fg&code_challenge_method=S256&nonce=KCrDbDuDGRLEYvrKsyHoTtboO9io9aGPkinutTLAhnjrRLE9fLKPrRj6zglyUL3D&redirect_uri=https%3A%2F%2Fdvops.promo-nonprod.bain.io%2Flogin%2Fcallback&response_type=code&state=bQ4fki6aCinwsDkroU3FK3Y2TjbkprjQogqj5sW9TAro7MpsAi0sScCgXeZaCMxA&scope=openid Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self'; object-src 'none'; default-src 'self'; connect-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io pendo-static-4637271544168448.storage.googleapis.com; img-src 'self' cdn.pendo.io app.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; manifest-src 'self'; script-src 'self' 'nonce-4923b56d527098d20240100b56e149f2' app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com data.pendo.io; style-src 'self' 'nonce-4923b56d527098d20240100b56e149f2' 'sha256-+qgWJMlXYHOt6RS2jUoq7jWvSco/eAuPQcdQ2RYEKrE=' 'sha256-leOkeyahEUBPqaB4zZPCxB0zECW1+XKxf8t1Dv4IcjE=' 'sha256-r3NuNk+/sBNZXhDcifIhlL6jsFVOYKU6GjWJVOsPfDs=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-GqSy0KVoWAycLdMGQfSl2uQyYkZrZJiBa/12ZQ7Cxy0=' 'sha256-AIYgLIwC/RQSW7RUUq9WxTv7W9tMtoLqB35enhP2vMs=' app.pendo.io cdn.pendo.io pendo-static-4637271544168448.storage.googleapis.com; font-src 'self' data:; frame-src 'self' app-dvops-pa-backend-10.azurewebsites.net bainco.okta.com login.bain.com dev-7383913.okta.com login.bainlab.com app.pendo.io data.pendo.io; child-src app.pendo.io; frame-ancestors 'self' app.pendo.io; form-action 'self';
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-dvops-pa-backend-10.azurewebsites.net
cdn.pendo.io
dvops.promo-nonprod.bain.io
login.bain.com
ok7static.oktacdn.com
108.138.106.33
20.79.107.3
2600:9000:23cb:5400:1f:aa31:7740:93a1
2606:4700:4400::ac40:994b
3.33.152.248
052e1dedda2b2eaee41e0f0fe5c456e0097f01b9d909c2f8f7616d361a2faf3c
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
0d2edc2e33b6fb52d804118fe1127ce6fff5201b775e337de7a0af79c1020996
34d18ba3208ee38b356493f5fa4d4a8e1bfa4f5907c7c16b3025861ce8aff940
44c235ecf822daf464c664f490228b24d35c4305cb8d73f7af3512ba0712023b
74a5bf83a3c489c6732bb438afb5ae4de337a4d4c6b2efc53d974351b937df72
dd18e837eac97b2986b7a86e7e8b1973d5cda474b5c393aa7750e76959aca390
df7b084ee9eac14a42b9b227ef3bc5bbc2362b1f9cd080405ec50ceda9019a6e

login.bain.com Open in urlscan Pro 3.33.152.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

2526 kBTransfer

9920 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

2 Console Messages

Security Headers

Indicators

login.bain.com Open in urlscan Pro
3.33.152.248 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

2526 kB
Transfer

9920 kB
Size

4
Cookies

12 HTTP transactions
0 data transactions